<?php
/* 
 * User class, all user related processes will be handled here
 */
defined('SECUR_CHECK') or die("Security error");
class user
{
    var $id;
    var $new;
    var $level;
    var $email;
    var $password;
    var $profile;
    var $template;
    var $loggedin;

    function  __construct($uid = false) {
        global $database;
        if($uid === false)
        {
            $this->new = true;          // New user when saved
            $this->loggedin = false;    // Not logged in
            $this->level = -1;          // Anonymous user level
        }
        else
        {
            $userdata = $database->sql_array("SELECT * FROM brm_users WHERE id = '$uid'");
            if($userdata)
            {
                // User exists
                $this->new = false;
                $this->id            =    $userdata[0]['id'];
                $this->email        =    $userdata[0]['user_email'];
                $this->password  =    $userdata[0]['user_password'];
                $this->level        =    $userdata[0]['user_level'];
                $this->template   =    $userdata[0]['user_template'];
                $this->loggedin     =   true;
                $this->profile      =    $this->get_profile($this->id);

            }
            else
            {
                // No user has been found, must be new / false
                $this->new = true;          // New user when saved
                $this->loggedin = false;    // Not logged in
                $this->level = -1;          // Anonymous user level
            }
        }
    }
    function get_profile($uid)
    {
        global $database;
        $profiledata = $database->sql_array("SELECT * FROM brm_user_profiles WHERE prof_user_id = '$uid'");
        return $profiledata;
    }
    /*
     * login function
     */
    function login($email, $password)
    {
        global $database;
        $email = $database->escape($email);
        $userdata = $database->sql_array("SELECT * FROM brm_users WHERE user_email = '$email'");
        if($userdata)
        {
            if($userdata[0]['user_password'] == md5($password))
            {
                // Login
                $_SESSION['uid'] = $userdata[0]['id'];
                $_SESSION['loggedin'] = true;
                $this->id   =   $userdata[0]['id'];
                return true;
            }
            else
            {
                return false;
            }
        }
        else
        {
            return false;
        }
    }
    /*
     * Checks if user exists
     */
    function user_exists($email)
    {
        global $database;
        $email = $database->escape($email);
        $userdata = $database->sql_array("SELECT * FROM brm_users WHERE user_email = '$email'");
        if($userdata)
        {
            return true;
        }
        else
        {
            return false;
        }
    }
    /*
     * Save new or existing user data to DB
     */
    function save()
    {
        global $database;
        if($this->new)
        {
            // Save new user
            if($this->email != NULL || $this->password != NULL || $this->profile != NULL)
            {
                $this->email = $database->escape($this->email);
                $sql = "INSERT INTO brm_users (user_email, user_password) VALUES ('{$this->email}', '{$this->password}')";
                $database->sql_exe($sql);
                $sql = "SELECT id FROM brm_users WHERE user_email='{$this->email}'";
                $userdata = $database->sql_array($sql);
                $uid = $userdata[0]['id'];

                /*
                 * Insert profile for new user
                 */
                $sql = "INSERT INTO brm_user_profiles (prof_user_id, prof_fullname) VALUES ('{$uid}', '{$this->profile[0]['prof_fullname']}')";
                $database->sql_exe($sql);

                /*
                 * Insert options row for new user
                 */
                $sql = "INSERT INTO brm_user_options (brm_users_id) VALUES ($uid)";
                $database->sql_exe($sql);
                
                return true;
            }
            else
            {
                return false;
            }
        }
        else
        {
            // Update existing user
        }
    }
    function get_option($option_column)
    {
        global $database;
        $sql = "SELECT $option_column FROM brm_user_options WHERE brm_users_id = {$this->id}";
        $result = $database->sql_array($sql);
        return $result[0][$option_column];
    }
    function set_option($option_colum, $value)
    {
        global $database;
        $value = $database->escape($value);
        $sql = "UPDATE brm_user_options set $option_colum = '$value'";
        $database->sql_array($sql);
    }
}

?>
